<html>
<body>
Reports classes that implement <code>java.io.Serializable</code> where the <code>readResolve()</code>
or <code>writeReplace()</code> methods are not declared <code>protected</code>.
<p>
  Declaring <code>readResolve()</code> and <code>writeReplace()</code> methods <code>private</code>
  can force subclasses to silently ignore them, while declaring them
  <code>public</code> allows them to be invoked by untrusted code.
</p>
<p>
  If the containing class is declared <code>final</code>, these methods can be declared <code>private</code>.
</p>
<p><b>Example:</b></p>
<pre><code>
  class ClassWithSerialization implements Serializable {
    public Object writeReplace() { // warning: 'writeReplace()' not declared protected
        ...
    }
  }
  </code>
</pre>
<!-- tooltip end -->

</body>
</html>